Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

CSA CM

Is their any way to find out what polices the CSA is using to mitigate attacks with the unmanaged client?

Or this feature only available with the mangemnet console i.e setting polices ?

If thats the case

Is their any thing "polices"that can be configured with the unmanegd client ?Or can we veiw current policies.

Also I'm seeing events similar to the ones below in the csa log,after NMAP scans of CCM Buth dont seem to be seeing/getting events in the pop-up box or event viewer log.

It appears the CSA unmanged client is designed deployed "unmanged" as a one trick pony.

And to get excited we need the mangment centre for policy controll.

And therfor events/attacks will not be shown in the CSA message box.

I tried to probe scan and copy files to the CCM to excite the Message box to display messages and asess their validity.but nothing popped.

I do get

Text log displays messages : )

2003-11-18 16:16:51.108,Warning,"There were 18 IP packets dropped in the last minute due to NetShield policy enforcement. Source addresses included X.X.X.1. If this message occurs frequently, then your systems may be under attack or are being probed.","FIREWALL_DROP_SUMMARY","","",,,,,,,"",,"(

In conclusion what are the default policies for unamnged client(Just logging warnings that we may be under attack from suspicous behaviour) as it is obviously "DOING A little"

Allan

1 REPLY
Bronze

Re: CSA CM

There is a xml file included with the client that has the security configuration. You can import this file into VMS if you wish to manage your CM's centrally.

96
Views
0
Helpful
1
Replies